Here I show how to accomplish zero-downtime deployment using Unicorn. I also cover gotchas when working with migrations and how to put up a maintenance page when you do need to take down the site.
(12 minutes)

There are many approaches to locking down an API. Here I start off with HTTP Basic authentication then move on to generating a unique token which can be passed through a URL parameter or HTTP header.
(7 minutes)